Is there a way to replicate sessions in version 5.2.9 ?
45 views
Skip to first unread message
Freedom K
Sep 26, 2022, 10:00:44 AM9/26/22
to CAS Community
Hi everyone,
I am using CAS vesrion 5.2.9 with saml okta as authenticator and I am searching for a way to share the sessions between two cas servers.
This is because the service is stored in the session and if the login requests starts in cas 1 but after the okta authentication is redirected to cas 2 the service /session is not recognized by cas 2.
Up to now I am using ehcache to replicate the tgt and st , but for the sessions I have not found a way yet.
This is because the service is stored in the session and if the login requests starts in cas 1 but after the okta authentication is redirected to cas 2 the service /session is not recognized by cas 2.
Up to now I am using ehcache to replicate the tgt and st , but for the sessions I have not found a way yet.
Thank you,
Ria
Ray Bon
Sep 26, 2022, 11:36:07 AM9/26/22
to cas-...@apereo.org
Ria,
The session is managed by the application container; tomcat, jetty, etc.
Look into clustering the container.
Ray
On Mon, 2022-09-26 at 07:00 -0700, Freedom K wrote:
Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.
Freedom K
Sep 27, 2022, 8:52:16 AM9/27/22
to CAS Community, Ray Bon
Thank you for your answer.
Is this the only way to succeed this in cas version 5.2.9?
I see, probably in a greater version of cas, some other options that I am not sure however if exist in this version of cas.
e.g set the config cas.authn.saml-idp.core.session-storage-type=TICKET_REGISTRY . Is something similar possible in the cas version I am using?
e.g set the config cas.authn.saml-idp.core.session-storage-type=TICKET_REGISTRY . Is something similar possible in the cas version I am using?
Thanks
Ria
Ray Bon
Sep 27, 2022, 1:30:33 PM9/27/22
to 333...@windowslive.com, cas-...@apereo.org
Ria,
The simple answer would be to upgrade.
Do you have documentation for Cas 5?
Perhaps I misunderstood the session issues. It could be that cas 5 does
not have the feature to cluster delegated saml auth. It may be that you
have a missing encryption key for saml storage (so cas will generate
one for each server at startup - there will be a log message).
Ray
On Tue, 2022-09-27 at 05:52 -0700, Freedom K wrote:
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive
> information.
>
The simple answer would be to upgrade.
Do you have documentation for Cas 5?
Perhaps I misunderstood the session issues. It could be that cas 5 does
not have the feature to cluster delegated saml auth. It may be that you
have a missing encryption key for saml storage (so cas will generate
one for each server at startup - there will be a log message).
Ray
On Tue, 2022-09-27 at 05:52 -0700, Freedom K wrote:
> Notice: This message was sent from outside the University of Victoria
> email system. Please be cautious with links and sensitive
> information.
>
Reply all
Reply to author
Forward
0 new messages